diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java | 598 |
1 files changed, 598 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java new file mode 100644 index 000000000..9d5c0f7cf --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java @@ -0,0 +1,598 @@ +/* +* Copyright 2003 Federal Chancellery Austria +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egovernment.moa.id.auth.validator.parep;
+
+import java.io.File;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Vector;
+
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
+import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
+import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
+import at.gv.egovernment.moa.id.auth.data.InfoboxToken;
+import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResult;
+import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResultImpl;
+import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams;
+import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator;
+import at.gv.egovernment.moa.id.auth.validator.ValidateException;
+import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateMandateRequest;
+import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateMandateResponse;
+import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClient;
+import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
+import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants;
+import at.gv.egovernment.moa.id.auth.validator.parep.config.ParepConfiguration;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.ConnectionParameter;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.util.SSLUtils;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.Constants;
+
+/**
+ * This class implements a MOA-ID Infobox Validator for validating
+ * a standardized XML mandate using the SZR-gateway.
+ *
+ * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner
+ */
+public class ParepValidator implements InfoboxValidator {
+
+ /** activates debug settings */
+ private boolean PAREP_DEBUG = false;
+
+ /** contains the parameters the validator initially was called with */
+ private InfoboxValidatorParams params = null;
+
+ /** contains the configuration of the validator */
+ private ParepConfiguration parepConfiguration = null;
+
+ /** the requested representation ID (currently * or OID) */
+ private String representationID = null;
+
+ /** holds the information of the SZR-request */
+ private CreateMandateRequest request = null;
+
+ /** List of extended SAML attributes. */
+ private Vector extendedSamlAttributes = new Vector();
+
+ /** the class which processes the user input */
+ private ParepInputProcessor inputProcessor = null;
+
+ /** The form if user input is necessary */
+ private String form = null;
+
+ /** unspecified error of parep-validator (must not know more about)*/
+ private final static String COMMON_ERROR = "Es ist ein Fehler bei der Überprüfung für berufsmäßige Parteienvetretung aufgetreten";
+
+ /** Default class to gather remaining mandator data. */
+ public final static String PAREP_INPUT_PROCESSOR = "at.gv.egovernment.moa.id.auth.validator.parep.ParepInputProcessorImpl";
+
+ /** Default template to gather remaining mandator data. */
+ public final static String PAREP_INPUT_TEMPLATE = "/resources/templates/ParepMinTemplate.html";
+
+ /** kind of representation text in AUTH block*/
+ public final static String STANDARD_REPRESENTATION_TEXT = "berufsmäßige(r) Parteienvertreter(in)";
+
+ /** Names of the produced SAML-attributes. */
+ public final static String EXT_SAML_MANDATE_RAW = "Mandate";
+ public final static String EXT_SAML_MANDATE_NAME = "MandatorName";
+ public final static String EXT_SAML_MANDATE_DOB = "MandatorDateOfBirth";
+ public final static String EXT_SAML_MANDATE_WBPK = "MandatorWbpk";
+ public final static String EXT_SAML_MANDATE_REPRESENTATIONTYPE = "RepresentationType"; + public final static String EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION = "OIDTextualDescription"; + + /** */ + public final static String EXT_SAML_MANDATE_REPRESENTATIONTEXT = "Vollmachtsvertreter";
+
+ /** register and register number for non physical persons - the domain identifier for business applications*/
+ public final static String EXT_SAML_MANDATE_CB_BASE_ID = "MandatorDomainIdentifier";
+
+ /**
+ * Parses the XML configuration element and creates the validators configuration
+ * Use this function if you want to preconfigure the validator.
+ *
+ * @param configElem
+ * the XML configuration element to parse.
+ * @throws ConfigurationException
+ * if an error occurs during the configuration process
+ */
+ public void Configure(Element configElem) throws ConfigurationException {
+ if (this.parepConfiguration == null) {
+ Logger.debug("Lade Konfiguration.");
+ parepConfiguration = new ParepConfiguration(configElem);
+ Logger.debug("Konfiguration erfolgreich geladen.");
+ }
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.validator.InfoboxValidator#validate(at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams)
+ */
+ public InfoboxValidationResult validate(InfoboxValidatorParams params) throws ValidateException {
+
+ InfoboxValidationResultImpl validationResult = new InfoboxValidationResultImpl(false, null, null);
+
+ try {
+ Logger.debug("Starte Organwalter-/berufsmäßige Parteienvertreterprüfung.");
+ this.params = params;
+
+ Element mandate = extractPrimaryToken(this.params.getInfoboxTokenList());
+ // ParepUtils.serializeElement(mandate, System.out);
+ this.representationID = ParepUtils.extractRepresentativeID(mandate);
+ if (ParepUtils.isEmpty(representationID)) {
+ validationResult.setErrorMessage("Fehlende oder falsche MandateID in standardisierter Vollmacht");
+ return validationResult;
+ }
+
+ // Überprüfen der Identifikation (Type/Value).
+ String identificationType = this.params.getIdentificationType();
+ String identificationValue = this.params.getIdentificationValue();
+ if (this.params.getBusinessApplication()) {
+ if (representationID.startsWith(MOAIDAuthConstants.PARTY_ORGAN_REPRESENTATION_OID_NUMBER)) {
+ validationResult.setErrorMessage("Eine Vertretung durch Organwalter im privatwirtschaftlichen Bereich ist nicht vorgesehen.");
+ return validationResult;
+
+ } else {
+ Logger.debug("Parteienvertreter wird mit wbPK identifiziert");
+ }
+ } else {
+ if (representationID.startsWith(MOAIDAuthConstants.PARTY_ORGAN_REPRESENTATION_OID_NUMBER)) {
+ //Für Organwalter wird die Stammzahl zur Berechnung der Organwalter-bPK benötigt
+ if (!Constants.URN_PREFIX_BASEID.equals(this.params.getIdentificationType())) {
+ Logger.error("Für eine Vertretung durch Organwalter ist es notwendig dessen Stammzahl an das Stammzahlenregister-Gateway zu übermitteln. In der MOA-ID Konfiguration muss die Übermittlung Stammzahl aktiviert sein.");
+ validationResult.setErrorMessage("Die standardisierte Vollmacht wird von diesem Server nicht akzeptiert.");
+ return validationResult;
+ } else {
+ Logger.debug("Organwalter wird mit Stammzahl identifiziert");
+ }
+ } else {
+ if (Constants.URN_PREFIX_BASEID.equals(this.params.getIdentificationType())) {
+ // bPK berechnen, da dem SZR-Gateway das Target nicht bekannt ist
+ identificationType = Constants.URN_PREFIX_CDID;
+ String bpkBase64 = new BPKBuilder().buildBPK(this.params.getIdentificationValue(), this.params.getTarget());
+ identificationValue = bpkBase64;
+ Logger.debug("bPK für Parteienvertreter wurde berechnet. Parteienvertreter wird mit bPK identifiziert");
+ } else {
+ Logger.debug("Parteienvertreter wird mit bPK identifiziert");
+ }
+ }
+ }
+
+ Configure(this.params.getApplicationSpecificParams());
+ // check if we have a configured party representative for that
+ if (!parepConfiguration.isPartyRepresentative(representationID)) {
+ Logger.info("Kein berufsmäßiger Parteienvertreter für MandateID \"" + representationID + "\" konfiguriert.");
+ validationResult.setErrorMessage("Die standardisierte Vollmacht wird von diesem Server nicht akzeptiert.");
+ return validationResult;
+ }
+
+ // Vertreter
+ this.request = new CreateMandateRequest();
+ request.setRepresentative(this.params, identificationType, identificationValue);
+ // ParepUtils.serializeElement(request.getRepresentative(), System.out);
+ //ParepUtils.saveElementToFile(request.getRepresentative(), new File("c:/representative.xml"));
+
+ Logger.debug("Prüfe vorausgefüllte Daten...");
+ boolean physical = true;
+ String familyName = "";
+ String givenName = "";
+ String dateOfBirth = "";
+ String cbFullName = "";
+ String cbIdentificationType = "";
+ String cbIdentificationValue = "";
+ String postalCode = "";
+ String municipality = "";
+ String streetName = "";
+ String buildingNumber = "";
+ String unit = "";
+
+ boolean formNecessary = false;
+ // Vertretener (erstes Vorkommen)
+ Element mandator = ParepUtils.extractMandator(mandate);
+ if (mandator != null) {
+ // ParepUtils.serializeElement(mandator, System.out);
+ // ParepUtils.saveElementToFile(mandator, new File("c:/mandator.xml"));
+ if (ParepUtils.isPhysicalPerson(mandator)) {
+ familyName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:FamilyName/text()");
+ givenName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:GivenName/text()");
+ dateOfBirth = ParepUtils.extractMandatorDateOfBirth(mandator);
+ } else {
+ physical = false;
+ cbFullName = ParepUtils.extractMandatorFullName(mandator);
+ cbIdentificationType = ParepUtils.getIdentification(mandator, "Type");
+ cbIdentificationValue = ParepUtils.extractMandatorWbpk(mandator);
+ }
+ postalCode = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:PostalCode/text()");
+ municipality = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:Municipality/text()");
+ streetName = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:StreetName/text()");
+ buildingNumber = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:BuildingNumber/text()");
+ unit = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:Unit/text()");
+
+ }
+ if (physical) {
+ if (!parepConfiguration.isRepresentingPhysicalParty(representationID)) {
+ validationResult.setErrorMessage("Vertretung von natürlichen Personen für diese standardisierte Vollmacht nicht erlaubt.");
+ return validationResult;
+ }
+ if (ParepUtils.isEmpty(familyName) || ParepUtils.isEmpty(givenName) || ParepUtils.isEmpty(dateOfBirth)) {
+ formNecessary = true;
+ }
+ } else {
+ if (!parepConfiguration.isRepresentingCorporateParty(representationID)) {
+ validationResult.setErrorMessage("Vertretung von juristischen Personen für diese standardisierte Vollmacht nicht erlaubt.");
+ return validationResult;
+ }
+ if (ParepUtils.isEmpty(cbFullName) || ParepUtils.isEmpty(cbIdentificationType) || ParepUtils.isEmpty(cbIdentificationValue)) {
+ formNecessary = true;
+ }
+ }
+
+ //Zeigen wir, dass die Daten übernommen wurden:
+ if (parepConfiguration.isAlwaysShowForm()) formNecessary=true;
+
+ // Input processor
+ this.form = "";
+ if (formNecessary) {
+ ParepInputProcessor inputProcessor= getInputProcessor();
+ this.form = inputProcessor.start(
+ physical, familyName, givenName, dateOfBirth, streetName, buildingNumber, unit, postalCode, municipality,
+ cbFullName, cbIdentificationType, cbIdentificationValue);
+ if (this.form == null) {
+ validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
+ return validationResult;
+ }
+ } else {
+ // Request vorbereiten mit vorgegebenen Daten
+ request.setMandator(familyName, givenName, dateOfBirth, postalCode, municipality, streetName, buildingNumber, unit, physical, cbFullName,
+ cbIdentificationType, cbIdentificationValue);
+ }
+
+
+ // ParepUtils.serializeElement(request.getMandator(), System.out);
+ // ParepUtils.saveElementToFile(request.getMandator(), new File("c:/mandator.xml"));
+
+ addAuthBlockExtendedSamlAttributes();
+ validationResult.setExtendedSamlAttributes(getExtendedSamlAttributes());
+ Logger.debug("Überprüfung der vertretenen Partei erfolgreich beendet");
+ validationResult.setValid(true);
+ return validationResult;
+ } catch (Exception e) {
+ e.printStackTrace();
+ Logger.info(e);
+ validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
+ return validationResult;
+ }
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.validator.InfoboxValidator#validate(java.util.Map)
+ */
+ public InfoboxValidationResult validate(Map parameters) throws ValidateException {
+
+ InfoboxValidationResultImpl validationResult = new InfoboxValidationResultImpl(false, null, null);
+ Logger.debug("Intermediate processing von Organwalter-/berufsmäßige Parteienvertreterprüfung");
+ Logger.debug("Prüfe im Formular ausgefüllte Daten...");
+ if (PAREP_DEBUG) Logger.debug("Got parameters from user input form: " + parameters.toString());
+
+ // Input processor
+ ParepInputProcessor inputProcessor= getInputProcessor();
+ this.form = inputProcessor.validate(parameters, null);
+ if (this.form == null) {
+ validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
+ return validationResult;
+ }
+
+ addAuthBlockExtendedSamlAttributes();
+ validationResult.setExtendedSamlAttributes(getExtendedSamlAttributes());
+ validationResult.setValid(true);
+ Logger.debug("Intermediate processing von Organwalter-/berufsmäßige Parteienvertreterprüfung erfolgreich beendet");
+ return validationResult;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.validator.InfoboxValidator#validate(org.w3c.dom.Element)
+ */
+ public InfoboxValidationResult validate(Element samlAssertion) throws ValidateException {
+
+ InfoboxValidationResultImpl validationResult = new InfoboxValidationResultImpl(false, null, null);
+ Logger.debug("Post processing von Organwalter-/berufsmäßige Parteienvertreterprüfung");
+ this.form = "";
+ try {
+
+ // TODO: Frage ob OID im Zertifikat zu prüfen ist (macht derzeit das SZR-gateway). Dies würde aber zu eine Performanceeinbuße führen.
+
+ request.setSignature(samlAssertion);
+
+//DPO debug
+// Element mandate = (ParepUtils.readDocFromIs(new FileInputStream("c:/vertetervollmacht_1.2.40.0.10.3.1_origin-fixed.xml"))).getDocumentElement();
+// String id = representationID;
+// CreateMandateResponse response;
+// if (true) {
+// if (this.params.getHideStammzahl()) {
+// if (PAREP_DEBUG) ParepUtils.saveElementToFile(mandate, new File("c:/vertetervollmacht_"+ id +"_origin.xml"));
+// // Achtung: Es wird hier nicht spezifikationskonform vorgegangen, damit im Kompatibilitätsmodus Personendaten ersetzt werden können.
+// // Würden die Stammzahlen gelöscht (geblindet) werden, würde der Identifikationswert des Vertretenen gänzlich fehlen.
+// // Im Falle einen business Anwendung berechnet MOA-ID nach Rückkehr das wbPK
+// ParepUtils.HideStammZahlen(mandate, this.params.getBusinessApplication(), this.params.getTarget(), this.params.getDomainIdentifier(), false);
+// }
+// if (PAREP_DEBUG) ParepUtils.saveElementToFile(mandate, new File("c:/vertetervollmacht_"+ id +".xml"));
+
+ //ParepUtils.serializeElement(request.toElement(), System.out);
+ if (PAREP_DEBUG) ParepUtils.saveElementToFile(request.toElement(), new File("c:/gwrequest.xml"));
+
+ // configure szrgw client
+ Logger.debug("Lade SZR-GW Client.");
+ SZRGWClient client = new SZRGWClient();
+ // System.out.println("Parameters: " + cfg.getConnectionParameters());
+ Logger.debug("Initialisiere Verbindung...");
+ ConnectionParameter connectionParameters = parepConfiguration.getConnectionParameters(representationID);
+ // Logger.debug("Connection Parameters: " + connectionParameters);
+ Logger.debug("SZR-GW URL: " + connectionParameters.getUrl());
+ client.setAddress(connectionParameters.getUrl());
+ if (connectionParameters.getUrl().toLowerCase().startsWith("https:")) {
+ Logger.debug("Initialisiere SSL Verbindung");
+ client.setSSLSocketFactory(SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters));
+ }
+
+ Logger.debug("Starte Kommunikation mit dem Stammzahlenregister Gateway...");
+ CreateMandateResponse response;
+ Element requ = request.toElement();
+ try {
+ response = client.createMandateResponse(requ);
+ } catch (SZRGWClientException e) {
+ // give him a second try - Nach dem Starten des Tomcat wird beim ersten Mal das Client-Zertifikat offenbar vom HTTPClient nicht mitgeschickt.
+ client = new SZRGWClient(connectionParameters.getUrl());
+ if (connectionParameters.getUrl().toLowerCase().startsWith("https:")) client.setSSLSocketFactory(SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters));
+ response = client.createMandateResponse(requ);
+ }
+ Logger.debug("SZR-Gateway Response Code: " + response.getResultCode()+ " " + response.getInfo()!=null ? response.getInfo():"");
+ if (response.getResultCode()==2000) {
+ if(response.getMandate()==null) {
+ Logger.error("Keine Vollmacht vom SZR-Gateway erhalten");
+ validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
+ return validationResult;
+ }
+
+
+ //DPO debug output (2lines)
+ String id = representationID;
+ if (id.equals("*")) id="standardisiert";
+
+ Element mandate = response.getMandate();
+ // Replace Stammzahlen
+ if (PAREP_DEBUG) ParepUtils.saveElementToFile(response.getMandate(), new File("c:/vertetervollmacht_"+ id +"_origin.xml"));
+ if (this.params.getHideStammzahl()) {
+ ParepUtils.HideStammZahlen(mandate, this.params.getBusinessApplication(), this.params.getTarget(), this.params.getDomainIdentifier(), false);
+ if (PAREP_DEBUG) ParepUtils.saveElementToFile(mandate, new File("c:/vertetervollmacht_"+ id +"_hideStammzahl.xml"));
+ }
+
+ extendedSamlAttributes.clear();
+ // Vollmacht
+ extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_RAW, mandate, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+
+ validationResult.setExtendedSamlAttributes(getExtendedSamlAttributes());
+ validationResult.setValid(true);
+ Logger.debug("Post processing von Organwalter-/berufsmäßige Parteienvertreterprüfung erfolgreich beendet");
+ } else {
+ String errorMsg = "Fehler " + response.getResultCode() + " bei Stammzahlenregister-Gateway Anfrage";
+ String responseInfo = response.getInfo();
+ if (response.getResultCode()>=4000 && response.getResultCode()<4999) {
+ if (!ParepUtils.isEmpty(responseInfo)) errorMsg = errorMsg + ": " + responseInfo;
+ validationResult.setErrorMessage(errorMsg);
+ } else if (response.getResultCode()>=5000 && response.getResultCode()<=5999) {
+ // Person not found
+ ParepInputProcessor inputProcessor= getInputProcessor();
+ switch (response.getResultCode()) {
+ case 5230:
+ errorMsg = "Keine mit den Eingaben übereinstimmende Person vorhanden. Bitte ergänzen/ändern Sie ihre Angaben.";
+ break;
+ case 5231:
+ errorMsg = "Die Person konnte nicht eindeutig identifiziert werden. Es existieren mehrere Personen zu Ihrer Suchanfrage. Bitte ergänzen/ändern Sie ihre Angaben.";
+ break;
+ default:
+ if (!ParepUtils.isEmpty(responseInfo)) errorMsg = errorMsg + ": " + responseInfo;
+ }
+ this.form = inputProcessor.validate(generateParameters(), errorMsg);
+ if (this.form == null) {
+ validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
+ return validationResult;
+ }
+ validationResult.setValid(true);
+ } else {
+ // Do not inform the user too much
+ Logger.error(errorMsg);
+ validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
+ }
+
+ }
+ return validationResult;
+ } catch (Exception e) {
+ e.printStackTrace();
+ Logger.info(e);
+ validationResult.setErrorMessage(ParepValidator.COMMON_ERROR);
+ return validationResult;
+ }
+ }
+
+ /**
+ * provides the primary infobox token of the given list.
+ *
+ * @param infoBoxTokens
+ * the list of infobox tokens.
+ * @return
+ * the XML element of the primary token.
+ * @throws ValidateException
+ * if an error occurs or list is not suitable.
+ */
+ public static Element extractPrimaryToken(List infoBoxTokens) throws ValidateException {
+ if (infoBoxTokens == null || infoBoxTokens.size() == 0) {
+ throw new ValidateException("validator.62", null);
+ }
+ for (int i = 0; i < infoBoxTokens.size(); i++) {
+ InfoboxToken token = (InfoboxToken) infoBoxTokens.get(i);
+ if (token.isPrimary()) {
+ return token.getXMLToken();
+ }
+ }
+ throw new ValidateException("validator.62", null);
+ }
+
+ /*
+ * @see at.gv.egovernment.moa.id.auth.validator.InfoboxValidator#getExtendedSamlAttributes()
+ */
+ public ExtendedSAMLAttribute[] getExtendedSamlAttributes() {
+ ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes.size()];
+ extendedSamlAttributes.copyInto(ret);
+ Logger.debug("ParepValidator ExtendedSAML Attributes: " + ret.length);
+ return ret;
+ }
+
+
+ /**
+ * @return The next pending user input form, which is "" if no form is to be shown, and null on errors.
+ */
+ public String getForm() {
+ return this.form;
+ }
+
+ /**
+ * Gets the user form input processor (class) assigned to the current party representative
+ * If the method is called for the first time it initializes the input processor.
+ *
+ * @return The user form input processor
+ */
+ private ParepInputProcessor getInputProcessor() {
+
+ if (this.inputProcessor!=null) return inputProcessor;
+ String inputProcessorName = parepConfiguration.getInputProcessorClass(representationID);
+ ParepInputProcessor inputProcessor = null;
+ try {
+ Class inputProcessorClass = Class.forName(inputProcessorName);
+ inputProcessor= (ParepInputProcessor) inputProcessorClass.newInstance();
+ inputProcessor.initialize(representationID, parepConfiguration, this.params.getFamilyName(), this.params.getGivenName(), this.params.getDateOfBirth(), request);
+ } catch (Exception e) {
+ Logger.error("Could not load input processor class \"" + inputProcessorName + "\": " + e.getMessage());
+ }
+ this.inputProcessor = inputProcessor;
+ return inputProcessor;
+ }
+
+ /**
+ * Generates the parameter list, which is needed to simulate a return from
+ * an user form.
+ *
+ * @return the form parameters
+ */
+ private Map generateParameters() {
+ Map parameters = new HashMap();
+ boolean physical = true;
+ String familyName = "";
+ String givenName = "";
+ String dateOfBirth = "";
+ String cbFullName = "";
+ String cbIdentificationType = "";
+ String cbIdentificationValue = "";
+ String postalCode = "";
+ String municipality = "";
+ String streetName = "";
+ String buildingNumber = "";
+ String unit = "";
+
+ try {
+ // Vertretener (erstes Vorkommen)
+ Element mandator = request.getMandator();
+ if (mandator != null) {
+ if (ParepUtils.isPhysicalPerson(mandator)) {
+ familyName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:FamilyName/text()");
+ givenName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:GivenName/text()");
+ dateOfBirth = ParepUtils.extractMandatorDateOfBirth(mandator);
+ } else {
+ physical = false;
+ cbFullName = ParepUtils.extractMandatorFullName(mandator);
+ cbIdentificationType = ParepUtils.getIdentification(mandator, "Type");
+ cbIdentificationValue = ParepUtils.extractMandatorWbpk(mandator);
+ }
+ postalCode = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:PostalCode/text()");
+ municipality = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:Municipality/text()");
+ streetName = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:StreetName/text()");
+ buildingNumber = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:BuildingNumber/text()");
+ unit = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:Unit/text()");
+ }
+ } catch (Exception e) {
+ Logger.error("Could not extract Mandator form SZR-gateway request");
+ }
+ parameters.put("familyname_", familyName);
+ parameters.put("givenname_", givenName);
+ parameters.put("dateofbirth_", dateOfBirth);
+ parameters.put("dobyear_", dateOfBirth.substring(0,4));
+ parameters.put("dobmonth_", dateOfBirth.substring(5,7));
+ parameters.put("dobday_", dateOfBirth.substring(8,10));
+ parameters.put("physical_", physical ? "true" : "false");
+ parameters.put("fullname_", cbFullName);
+ parameters.put("cbidentificationtype_", cbIdentificationType);
+ parameters.put("cbidentificationvalue_", cbIdentificationValue);
+ parameters.put("postalcode_", postalCode);
+ parameters.put("municipality_", municipality);
+ parameters.put("streetname_", streetName);
+ parameters.put("buildingnumber_", buildingNumber);
+ parameters.put("unit_", unit);
+ return parameters;
+ }
+
+ /**
+ * Adds the AUTH block related SAML attributes to the validation result.
+ * This is needed always before the AUTH block is to be signed, because the
+ * name of the mandator has to be set
+ */
+ private void addAuthBlockExtendedSamlAttributes() {
+ extendedSamlAttributes.clear();
+ extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_REPRESENTATIONTYPE, parepConfiguration.getRepresentationText(representationID), SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
+ Element mandator = request.getMandator();
+ // Name
+ String name = ParepUtils.extractMandatorName(mandator);
+ extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_NAME, name, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
+ // Geburtsdatum
+ String dob = ParepUtils.extractMandatorDateOfBirth(mandator);
+ if (dob != null && !"".equals(dob)) {
+ extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_DOB, dob, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
+ }
+ // (w)bpk
+ String wbpk = ParepUtils.extractMandatorWbpk(mandator);
+ if (!ParepUtils.isEmpty(wbpk)) {
+ if (!ParepUtils.isPhysicalPerson(mandator)){
+ String idType = ParepUtils.extractMandatorIdentificationType(mandator);
+ if (!ParepUtils.isEmpty(idType) && idType.startsWith(Constants.URN_PREFIX_BASEID + "+X")) {
+ extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_CB_BASE_ID, ParepUtils.getRegisterString(idType) + ": " + wbpk, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
+ }
+ } else if (this.params.getBusinessApplication()) {
+ extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_WBPK, wbpk, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
+ }
+ }
+ }
+
+// public static void main(String[] args) throws Exception {
+// }
+
+}
|